Denial-of-Service attacker tells Brian Krebs he's working for the FBI

Last week, I blogged Brian Krebs's amazing piece on AsylumBooter, a cheesy denial-of-service-for-hire site apparently run by a 17-year-old Chicago-area honor-roll student named Chandler Downs, whose PayPal account was flush with more than $30,000 paid by people who'd launched more than 10,000 online attacks.

Now, Krebs has uncovered an even weirder booter story: Ragebooter is another DoS company, but this one is run by a guy who claims to be working part time for the FBI, and who says that the FBI has its own login to his site and reviews all the IP addresses and other traffic data it logs.

Ragebooter.net’s registration records are hidden behind WHOIS privacy protection services. But according to a historic WHOIS lookup at domaintools.com, that veil of secrecy briefly fell away when the site was moved behind Cloudflare.com, a content distribution network that also protects sites against DDoS attacks like the ones Ragebooter and its ilk help to create (as I noted in Monday’s story, some of the biggest targets of booter services are in fact other booter services). For a brief period in Oct. 2012, the WHOIS records showed that ragebooter.net was registered by a Justin Poland in Memphis...

...
“I also work for the FBI on Tuesdays at 1pm in memphis, tn,” Poland wrote. “They allow me to continue this business and have full access. The FBI also use the site so that they can moniter [sic] the activitys [sic] of online users.. They even added a nice IP logger that logs the users IP when they login.”

When I asked Poland to provide more information that I might use to verify his claims that he was working for the FBI, the conversation turned combative, and he informed me that I wasn’t allowed to use any of the information he’d already shared with me. I replied that I hadn’t and wouldn’t agree that any of our discussion was to be off the record, and he in turn promised to sue me if I ran this story. That was more or less the end of that conversation.

Poland gave Krebs the working personal number of an FBI agent identified as "Agent Lies," who put him onto the FBI's press contact, who stonewalled. Meanwhile, Ragebooter leaks a lot of info and there's some reason to believe that the FBI really does have its own back door.

I certainly wouldn’t put it past a slimy DDoS merc to be lying; but that also seems like the sort of arrangement that the FBI would find very convenient indeed.

We know *cough* Whitey Bulger*cough* that our friendly feds have been… flexible… in the past about the behavioral standards of their collaborators. In the case of a DDoS, which is potentially costly and disruptive; but produces no media splash or victims likely to get long-term play, I’d imagine that ignoring the operator in exchange for a steady stream of dumb opportunists filing into his office to commit interstate felonies under your watchful gaze would be pretty attractive.

Totally Monday night quarterbacking, but it would have been awful funny if, when the kid realized he wasn’t off-record, Mr. Reporter put the screws to him. “Y’know, it would be pretty rough on your business if people knew the FBI was monitering [sic] their activitys [sic] . Let’s talk.”

“Poland admitted in one of our Facebook chats that his own site was recently breached, leading to the leak of ragerbooter’s user database; the attackers broke into his Skype account, and then rifled through his Skype chats until they found login credentials to his servers.”

I did some poking around for a client that had been hit with one of these 13347 DDoS attacks. I would actually consider it a professional courtesy if just once one of them showed evidence of an active brain cell.